For every ecommerce businesses, secure online payments are of paramount importance. And, when it comes to payments the first name that springs to almost every merchant’s mind is Sage Pay.
SUPEE-10266, Magento Commerce 220.127.116.11 and Open Source 18.104.22.168 contain multiple security enhancements that help close cross-site request forgery (CSRF), unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities. These releases also include fixes for issues with image reloading and payments using one-step checkout. If you don’t want to upgrade your PHP version to 22.214.171.124 then you can just install this security patch and it includes security feature added to Magento 126.96.36.199, so it’s equal to 188.8.131.52 Magento version.
Social media is not merely about being social, social media is a powerful tool that should be leveraged in an effort to promote your business and services online, as well as connect with your customers in an informal way. Utilizing this channel can increasing sales by way of reaching a vast audience of existing as well as potential customers. Aside from satisfying the desires of today's social oriented consumer-- Leveraging social media has proven to increase sales and have a positive impact on KPI's (key performance indicators) including, quota attainment, renewal rate and forecast accuracy.
A new self-healing malware has been discovered by Dutch malware experts. This malware targets online stores running on the Magento platform. It starts execution whenever a user places a new order and can self-heal using code hidden in the website's database. Though this is not the first time a malware is hiding code in the database of the website, is certainly the First Magento malware that uses SQL stored procedures.
Magento has recently released some product and security updates. These new versions provide a range of improvements, including a fix for the recently discovered Zend Framework 1 security vulnerability and quality updates to catalog, payments, and sales modules in Magento 2.
Magento is a widely used open source eCommerce software. A Magento store is also prone to be a target of malicious activities by malware and hackers. And when transacting online, using credit cards or other mode of payment, security is of utmost importance. Even though Magento gets patched for security reasons on a regular basis, below is the detailed list of best practices which can be applied on Magento to mitigate the vulnerabilities.
A new Magento vulnerability has been found in a Zend Framework 1 and 2 EMAIL COMPONENT. The component is used by all Magento 1 and Magento 2 software and other PHP solutions. This vulnerability is serious and can lead to a remote code execution attack if your server uses Sendmail as a mail transport agent.
Magento 2 is faster. M2 supports PHP 7, which frequently delivers a doubling in performance over previous PHP releases. The new default indexers in Magento 2 include all of the functionality as in the previous enterprise versions. The difference is that they come with more efficient updates and have been improved to speed up the query performance.
SUPEE-8788 is the latest security patch for Magento released on October 11, 2016 that provides protection against several types of security-related issues, including remote code execution, information leaks and cross-site scripting.
Magento Commerce has recently announced the launch of its next-generation commerce applications marketplace, Magento Marketplace. Magento merchants can extend the functionality of their Magento stores and deliver far-more-engaging experiences to their customers with a simplified user experience for easy discovery of curated, high-quality products and services. Further, the extension developers get access to a large and growing customer base. With the new Magento Marketplace they are bringing in a new vetting process that consist of a technical, marketing and business value review. This ensures that Magento merchants only buy high quality technologies from the most trusted developers in the Magento ecosystem.